Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB345E90E32711EDB4DEA453C4F9AE02.roa
File: AB345E90E32711EDB4DEA453C4F9AE02.roa (raw, json)
Hash identifier: BZyE31obdfH/ueNfX27CerE0EKxSPm2Fc0Wkck4FdPA=
Subject key identifier: 51:DB:5E:F6:A5:88:7E:98:E6:C4:54:D4:55:D8:C5:DE:9B:86:7F:9E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 68F6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB345E90E32711EDB4DEA453C4F9AE02.roa
Signing time: Tue 25 Apr 2023 05:11:44 +0000
ROA not before: Tue 25 Apr 2023 05:11:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137119
IP address blocks: 103.171.50.0/23 maxlen: 24
103.172.84.0/23 maxlen: 24
2001:df7:4c00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26870 (0x68f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 25 05:11:44 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6447610f-22a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:aa:e1:d8:6e:a1:28:9b:eb:99:b3:01:9a:a7:
d4:e2:b4:55:e1:b9:a6:48:6e:76:f4:33:d0:31:be:
db:9d:32:07:a0:46:cd:06:03:ec:7f:79:fa:0c:6f:
ed:d0:35:25:b4:74:3a:92:f6:46:54:5b:08:f0:56:
63:d9:77:ba:b6:6c:28:b7:13:0e:6d:33:54:c4:9a:
2c:af:6d:c1:90:08:8f:04:e8:77:f3:9e:7b:f9:ff:
5c:d6:4b:a4:6c:a9:c2:96:2c:33:85:67:60:63:f8:
6f:6d:90:d7:10:50:07:77:cd:79:ca:65:44:f2:f1:
f9:c9:7d:17:0e:4f:d4:9f:2e:4e:04:ee:b9:ec:c0:
4a:21:9d:02:25:42:56:b5:34:79:b5:76:87:11:de:
2c:39:6d:fa:20:7c:64:f7:4e:b3:fc:86:c1:bf:fb:
fc:36:08:37:cc:f0:21:6a:3b:82:29:c0:d2:96:f4:
d3:2e:e3:17:62:43:d3:75:d9:a4:5e:47:2b:10:8f:
8c:52:3e:13:f9:00:29:e4:af:26:f5:9e:4c:9d:ad:
83:d7:46:4a:63:a7:7e:db:26:52:e7:34:e0:d9:bb:
cb:80:fe:2a:12:a8:e3:92:ae:60:c4:1d:7d:0c:9e:
c0:b1:ad:83:61:55:73:35:f6:f8:dc:32:da:f8:1b:
f8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DB:5E:F6:A5:88:7E:98:E6:C4:54:D4:55:D8:C5:DE:9B:86:7F:9E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB345E90E32711EDB4DEA453C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.50.0/23
103.172.84.0/23
IPv6:
2001:df7:4c00::/48
Signature Algorithm: sha256WithRSAEncryption
0b:03:6d:00:ff:47:b2:29:73:47:42:00:7a:1c:0c:d4:62:3b:
a2:f0:bd:52:4f:e5:1d:82:2e:bf:13:09:dd:bc:bf:13:50:10:
cc:92:3d:a5:a4:93:6a:ad:04:4a:3e:8d:7e:91:ac:68:c3:3f:
ba:c7:63:5b:b3:5b:0f:4a:12:c2:0b:96:18:43:52:e3:43:c9:
dd:59:3d:b9:f2:89:96:fd:40:05:b6:40:09:ee:50:a4:01:e9:
21:bb:aa:53:30:98:17:ec:ce:c6:77:be:aa:a2:e3:1f:18:86:
29:86:c4:7a:b6:87:6a:e2:30:b3:5b:fe:71:13:4f:43:bf:b0:
e1:76:84:75:94:68:4e:b5:ca:c8:b0:d4:a4:04:7e:de:c0:7a:
ca:97:20:ed:a3:25:1e:90:a8:5c:cc:1a:08:b9:64:45:7e:cd:
5e:fc:b6:66:8b:6b:54:84:1c:20:72:f6:3d:8d:32:6e:bf:78:
ab:3f:7a:77:28:80:0b:2e:f4:b4:f9:a7:15:36:5a:35:65:02:
89:82:32:26:db:6e:e8:84:35:d2:b6:c5:91:a1:fd:8c:ac:9e:
92:8c:88:c2:fd:75:9f:11:36:12:05:89:07:cb:08:0b:ce:3a:
0c:f0:27:c0:c6:b9:78:df:1e:7e:18:80:4c:3f:db:7c:1c:c1:
a7:ab:a6:69
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICaPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNDI1MDUxMTQ0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQ3NjEwZi0yMmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzarh2G6hKJvrmbMBmqfU4rRV4bmmSG529DPQMb7bnTIHoEbNBgPsf3n6DG/t
0DUltHQ6kvZGVFsI8FZj2Xe6tmwotxMObTNUxJosr23BkAiPBOh38557+f9c1kuk
bKnCliwzhWdgY/hvbZDXEFAHd815ymVE8vH5yX0XDk/Uny5OBO657MBKIZ0CJUJW
tTR5tXaHEd4sOW36IHxk906z/IbBv/v8Ngg3zPAhajuCKcDSlvTTLuMXYkPTddmk
XkcrEI+MUj4T+QAp5K8m9Z5Mna2D10ZKY6d+2yZS5zTg2bvLgP4qEqjjkq5gxB19
DJ7Asa2DYVVzNfb43DLa+Bv4zQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFFHbXval
iH6Y5sRU1FXYxd6bhn+eMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUIzNDVFOTBF
MzI3MTFFREI0REVBNDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnqzIDBAFnrFQwDwQCAAIwCQMHACABDfdMADANBgkqhkiG
9w0BAQsFAAOCAQEACwNtAP9HsilzR0IAehwM1GI7ovC9Uk/lHYIuvxMJ3by/E1AQ
zJI9paSTaq0ESj6NfpGsaMM/usdjW7NbD0oSwguWGENS40PJ3Vk9ufKJlv1ABbZA
Ce5QpAHpIbuqUzCYF+zOxne+qqLjHxiGKYbEeraHauIws1v+cRNPQ7+w4XaEdZRo
TrXKyLDUpAR+3sB6ypcg7aMlHpCoXMwaCLlkRX7NXvy2ZotrVIQcIHL2PY0ybr94
qz96dyiACy70tPmnFTZaNWUCiYIyJttu6IQ10rbFkaH9jKyekoyIwv11nxE2EgWJ
B8sIC846DPAnwMa5eN8efhiATD/bfBzBp6umaQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org